APIs for Businesses
Home
APIs
  • Checkout/ Deeplink
  • Merchant Proxy
  • Bill24 Hosted
  • Auto Direct Debit
  • KHQR Integration Specification for API
  • Notification API
  • On Boarding Sub Biller API
Home
APIs
  • Checkout/ Deeplink
  • Merchant Proxy
  • Bill24 Hosted
  • Auto Direct Debit
  • KHQR Integration Specification for API
  • Notification API
  • On Boarding Sub Biller API
CHECKOUT/ DEEPLINKMerchant ProxyBill24 HostedAuto Direct DebitKHQR Integration Specification for APINotification APIPayment Method
CHECKOUT/ DEEPLINKMerchant ProxyBill24 HostedAuto Direct DebitKHQR Integration Specification for APINotification APIPayment Method
  1. Activate Sub Biller API
  • Payment Method API
    • Overview
    • Response Code
    • MOBILE SDKS
      • iOS SDK
      • Android SDK
    • Authorization
      POST
    • Create Customer
      POST
    • Get Payment Methods
      GET
    • Settle Payment
      POST
    • Get List bills
      GET
    • Get Wallet Balance
      POST
    • Get Transaction Detail
      POST
  • Activate Sub Biller API
    • Overview
    • Response Code
    • Authorization
      POST
    • Onboarding
      POST
    • Get Available Banks
      GET
    • Add Link Account
      POST
  1. Activate Sub Biller API

Authorization

POST
https://merchantapi-demo.bill24.io/merchantsecurity/authorize
This endpoint is used to authorize users to obtain a token for accessing the API.
NOTE
Merchant is required to initiate an authorization process to obtain a token for accessing all API endpoints.
if token expired you can use refreshToken to get new token.
Required fields: client_id secret refreshToken

Request

Header Params
Accept
string 
required
Example:
application/json
Content-Type
string 
required
Example:
application/json
Body Params application/json
token
string 
required
Merchant token (provided by Bill24)
clientId
string 
required
ClientId (provided by Bill24)
secret
string 
required
Secret (provided by Bill24)
refreshToken
string 
optional
Refresh Token is used to extend the expiration date without requiring a token.
Example
{
  "token": "3687203e-1cf4-43de-8a1c-c2192248132a",
  "clientId": "supplier_client",
  "secret": "q<8X8Eu4,Lr[4sxn",
  "refreshToken": ""
}

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://merchantapi-demo.bill24.io/merchantsecurity/authorize' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{
    "token": "3687203e-1cf4-43de-8a1c-c2192248132a",
    "clientId": "supplier_client",
    "secret": "q<8X8Eu4,Lr[4sxn",
    "refreshToken": ""
}'

Responses

🟢200OK
application/json
Body
code
integer 
optional
Response code
message
string 
optional
Response message
data
object 
required
issuer
string 
required
The URL where the token was issued
token
string 
required
The Bearer token used for API requests
refreshToken
string 
required
The token is used to obtain a new access token when the current one expires.
tokenExpireTime
string 
required
The time when the token expires.
Example
{
  "code": 200,
  "message": "",
  "data": {
    "issuer": "http://192.168.197.18:23030",
    "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjZCOUY3RDZBMjA2MTQxQzkzQ0I2NEVFNjRGOTBBNUQwQTQzO",
    "refreshToken": "65EE30E135B51D343F077738345CBDEEA66A3A796494F172DCF2EE6C9C1E0B7B",
    "tokenExpireTime": "2024-06-24T14:46:07.8930774+07:00"
  }
}
Modified at 2025-03-26 09:35:20
Previous
Response Code
Next
Onboarding